Abstract

Database-as-a-Service (DBaaS) is a category of cloud computing services that enables IT providers to deliver database functionality as a service. In this model, a third party service provider known as a cloud server hosts a database and provides the associated software and hardware supports. Database outsourcing reduces the workload of the data owner in answering queries by delegating the tasks to powerful third-party servers with large computational and network resources. Despite the economic and technical benefits, privacy is the primary challenge posed by this category of services. By using these services, the data owners will lose the control of their databases. Moreover, the privacy of clients may be compromised since a curious cloud operator can follow the queries of a client and infer what the client is after. The challenge is to fulfill the main privacy goals of both the data owner and the clients without undermining the ability of the cloud server to return the correct query results.

This thesis considers the design of protocols that protect the privacy of the clients and the data owners in the DBaaS model. Such protocols must protect the privacy of the clients so that the data owner and the cloud server cannot infer the constants contained in the query predicate as well as the query result. Moreover, the data owner privacy should be preserved by ensuring that the sensitive information in the database is not leaked to the cloud server and nothing beyond the query result is revealed to the clients. The results of the complexity and performance analysis indicates that the proposed protocols incur reasonable communication and computation overhead on the client and the data owner, considering the added advantage of being able to perform the symmetrically-private database search.